Idea: Security Engineering Principles for Day Two Car2X Applications

Car2X communication based on IEEE 802.11p has been prepared over the last years by a tremendous collaborative effort of the automotive industry, researchers, and standardization bodies. At the European level ETSI has released a first set of standards for interoperability and initial deployment in February this year. The "day one" Car2X applications, which will be implemented soon, do not automatically intervene into the driving behaviour of a car, but such "day two" applications will be the next step. In this idea paper we highlight some principle differences between Car2X and traditional security-relevant systems such as banking. We show how this might lead to a more straightforward escalation of attacks, which should be kept in mind in view of the safety-relevant "day two" applications. We also propose a principle of how to avoid this. In current work we test the feasibility of the attacks.